Update to the latest versions immediately.
A very good example of these media players are Kodi and VLC. They are open source streaming software that many people use as a central media center for their digital media.
Good news is that they have released latest updates. upgrades and fixes.
So why should I be concerned about my media player? Let me explain why. Most of them have the capability of using subtitles. Security firm Check Point discovered the flaw in Kodi, VLC, Popcorn Time and Stremio and other video players out there. Subtitle files can be maliciously altered and capable of giving the attacker complete control over the target device.
Legitimate copies of films and its subtitles post no risk at all, however, it is a different story when it comes to downloaded subtitles obtained from various online repositories.
What is surprising about it, Check Point made it clear that the subtitle repositories are treated as trusted source by the media player and with the use of the altered subtitles, malware can be loaded.
Even more alarming, the attacker can manipulate these database of subtitles to boost their ranking and be downloaded and spread even wider.
Antivirus software often treat subtitle files as plain text files and are mostly ignored thus flying under the radar of antivirus solutions.
It has been estimated that no less than 200 million users are using media players are vulnerable.
VLC, Kodi, Popcorn Time have released fixed versions of the software.
If you have not updated to the latest version, stay clear from downloading subtitles.
Other media players may be affected and they might not be aware of it as of the moment. If unsure about its security, use a trustworthy updated media player.
